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What is claimed is: 



1 LA method for provisioning users with resources, the method comprising the 

2 steps of: 

3 establishing a set of attributes, organizational information, and user roles; 

4 defining a plurality of resource provisioning policies based on selected 

5 attributes, organizational information, and user roles; 

6 receiving attribute information, organizational information, and user role 

7 information for a particular user, resource, or database; 

8 determining which resource provisioning policies are applicable to the user 
2 9 based on the received user role information, organizational information, and attribute 
\\10 information; and 

*5 1 1 provisioning the user with resources based on the applicable resource 

ftj 12 provisioning policies. 

Pi 2. A method as recited in claim 1, the user roles comprising a yes value and a no 

tU 2 value, the attributes comprising multiple non-binary values. 

Hi 3 . A method as recited in claim 2, further including the step of reconciling 

2 resources by comparing resources currently provisioned to the user with a list of resources that 

3 should be provisioned to the user based on the applicable resource access policies, and 

4 identifying any differences. 

1 4. A method as recited in claim 3, further including the step provisioning or de- 

2 provisioning resources to the user based on the differences detected by reconciliation. 

1 5. A method as recited in claim 2, further including the step of de-provisioning the 

2 user with some or all of the user's allocated resources if the user is terminated, suspended, or 

3 placed on leave. 
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1 6. A method as recited in claim 2, further including the steps of: 

2 receiving timing information related to the timing of the provisioning or 

3 resources; and 

4 provisioning the user with resources at a certain time specified by the timing 

5 information. 

1 7. A method as recited in claim 2, the attributes comprising user attributes and 

J 2 resource attributes. 

1 8. A method as recited in claim 2, further including the step of provisioning the 

C! 2 user with "hard" resources and "soft" resources. 

% * 1 9. A method as recited in claim 2, further including the step of provisioning the 

[~J 2 user with resource bundles. 

:L 1 10. A method as recited in claim 2, further including the step of defining a plurality 

N ; 2 of resource provisioning policies utilizing decision statements that allow irrelevant steps to be 

yy 3 bypassed. 

1 1 1 . A method as recited in claim 2, the step of provisioning the user with resources 

2 comprising communicating requests for the resources to applications or persons. 
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1 12. A system for provisioning users with resources, the system comprising: 

2 memory for storing a set of attributes, organizational information, and user 

3 roles, a plurality of resource provisioning policies based on selected attributes, organizational 

4 information, and user roles, and attribute information and user role information for a particular 

5 user or resource; and 

6 one or more processors coupled to the memory and an organizational network, 

7 the processors programmed for 

8 determining which resource provisioning policies are applicable to a 

9 particular user based on the stored user role information, organizational information, and 
;; 10 attribute information, and 

1 1 provisioning the user with resources based on the applicable resource 

,1 1 2 provisioning policies . 

^ 1 13. A system as recited in claim 12, the user roles having a yes value and a no 

ui 2 value, the attributes comprising multiple non-binary values. 

S 1 14. A system as recited in claim 13, the one or more processors further 

5 2 programmed for reconciling resources by comparing resources currently provisioned to the 

H 3 user with a list of resources that should be provisioned to the user based on the applicable 

4 resource provisioning policies, and identifying any differences. 

1 15. A system as recited in claim 14, the one or more processors further 

2 programmed for provisioning or de-provisioning resources to the user based on the differences 

3 detected by reconciliation. 

1 16. A system as recited in claim 13, the one or more processors further 

2 programmed for de-provisioning the user with some or all of the user's allocated resources if 

3 the user is terminated, suspended, or placed on leave. 
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.1 17. A system as recited in claim 13, the one or more processors further 

2 programmed for: 

3 receiving timing information related to the timing of the provisioning or 

4 resources; and 

5 provisioning the user with resources at a certain time specified by the timing 
" 6 information. 

1 18. A system as recited in claim 13, the attributes comprising user attributes and 

2 resource attributes. 

£3 1 19. A system as recited in claim 13, wherein the user may be provisioned with 

2 "hard" resources and "soft" resources. 

fli 1 20. A system as recited in claim 13, wherein the user is provisioned with resource 

111 2 bundles. 

1 21. A system as recited in claim 13, the plurality of resource provisioning policies 

I fi 2 utilizing decision statements that allow irrelevant steps to be bypassed. 
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